use ssh keys

roles/common/tasks/main.yaml

@@ -5,6 +5,6 @@
 - include_tasks: remove-snap.yaml
 - include_tasks: disable-cloudinit.yaml
 - include_tasks: ufw.yaml
-- include_tasks: service-user.yaml
+- include_tasks: user-ops.yaml
 - include_tasks: ssh-security-settings.yaml
 - include_tasks: timesync.yaml

roles/common/tasks/serivce-user.yaml

@@ -1,7 +0,0 @@
----
-- name: "Add service user with docker group membership"
-  ansible.builtin.user:
-    name: service-user
-    comment: Service user
-    groups: docker
-    append: yes

roles/common/tasks/user-ops.yaml

@@ -0,0 +1,11 @@
+---
+- name: "Add service user"
+  ansible.builtin.user:
+    name: service-user
+    comment: Service user
+
+- name: "Update authorized_keys of tormakris"
+  ansible.posix.authorized_key:
+    user: tormakris
+    state: present
+    key: https://static.tormakristof.eu/ssh.keys

roles/docker/tasks/main.yaml

@@ -20,6 +20,13 @@
     state: restarted
     enabled: yes
 
+- name: "Add service user to docker group"
+  ansible.builtin.user:
+    name: service-user
+    comment: Service user
+    groups: docker
+    append: yes
+
 - name: Copy docker-compose.yml to target
   copy:
     src: "{{ dockercompose_yml_name }}"